Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Using Cyber Defense Exercises to Obtain Additional Data for Attacker Profiling
KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.ORCID iD: 0000-0002-2677-9759
SICS Swedish Institute of Computer Science.ORCID iD: 0000-0003-2017-7914
KTH, School of Computer Science and Communication (CSC), Media Technology and Interaction Design, MID.
KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
2016 (English)In: Proceedings of the 14th IEEE International Conference on Intelligence and Security Informatics (ISI 2016), Piscataway, New Jersey: IEEE conference proceedings, 2016, p. 37-42Conference paper, Published paper (Refereed)
Abstract [en]

In order to be able to successfully defend an IT system it is useful to have an accurate appreciation of the cyber threat that goes beyond stereotypes. To effectively counter potentially decisive and skilled attackers it is necessary to understand, or at least model, their behavior. Although the real motives for untraceable anonymous attackers will remain a mystery, a thorough understanding of their observable actions can still help to create well-founded attacker profiles that can be used to design effective countermeasures and in other ways enhance cyber defense efforts. In recent work empirically founded attacker profiles, so-called attacker personas, have been used to assess the overall threat situation for an organization. In this paper we elaborate on 1) the use of attacker personas as a technique for attacker profiling, 2) the design of tailor-made cyber defense exercises for the purpose of obtaining the necessary empirical data for the construction of such attacker personas, and 3) how attacker personas can be used for enhancing the situational awareness within the cyber domain. The paper concludes by discussing the possibilities and limitations of using cyber defense exercises for data gathering, and what can and cannot be studied in such exercises.

Place, publisher, year, edition, pages
Piscataway, New Jersey: IEEE conference proceedings, 2016. p. 37-42
Keywords [en]
cyber defense exercise, behavioral modeling, attacker persona, cyber situational awareness
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kth:diva-198560DOI: 10.1109/ISI.2016.7745440ISI: 000390129600007Scopus ID: 2-s2.0-85004190314ISBN: 978-1-5090-3865-7 (print)OAI: oai:DiVA.org:kth-198560DiVA, id: diva2:1057514
Conference
14th IEEE International Conference on Intelligence and Security Informatics - Cybersecurity and Big Data (IEEE ISI), SEP 28-30, 2016, Tucson, AZ
Note

QC 20161219

Available from: 2016-12-18 Created: 2016-12-18 Last updated: 2018-01-13Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Search in DiVA

By author/editor
Brynielsson, JoelFranke, UlrikTariq, Muhammad AdnanVarga, Stefan
By organisation
Theoretical Computer Science, TCSMedia Technology and Interaction Design, MID
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 123 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf